> I would think that the cryptographers in question would be even more
> frustrated that so few products were available, to tell you the truth,
> and would therefore be eager to help when someone makes an honest
> attempt.   

We do. We generally tell them to use the existing protocols, since the
protocols are generally sound even if the implementations are
not. They then often tell us the protocols are too complicated for
them to understand, although they are (for better or ill) generally
about as simple as an effective protocol can get.

> And, given the recent set of widely publicized flaws in openssl and
> openssh, I think that concern about monoculture in cryptography software
> is pretty damn well founded.

We could use more implementations of ssl and of ssh, no
question. Sadly, the other major open source implementation of ssh
(lsh) appears to have very serious buffer overflow problems, and was
not coded to specifically avoid them. There is also FreSSH, but it
does not implement v2, which is pretty much mandatory since v1 has
serious protocol flaws.

However, suggesting to people that they produce more cleanly
implemented and simpler to use versions of existing algorithms and
protocols doesn't seem to excite people, although it would be of
tremendous utility.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to